Security

Cryptojacking only really coalesced as a class of attack about six months ago, but already the approach has evolved and matured into a ubiquitous threat. Hacks that co-opt computing power for illicit cryptocurrency mining now target a diverse array of victims, from individual consumers to massive institutions—even industrial control systems. But the latest victim isn't some faceless internet denizen or a Starbucks in Buenos Aires. It's Tesla. Researchers at the cloud monitoring and defense firm RedLock published findings on Tuesday that some of Tesla's Amazon Web Services cloud infrastructure was running mining malware in a far-reaching and well-hidden cryptojacking campaign. The researchers disclosed the infection to Tesla last month, and the company quickly moved to decontaminate and lock down its cloud platform within a day. The carmaker's initial investigation indicates that data exposure was minimal, but the incident underscores the ways in which cryptojacking can pose a … [Read more...] about Hackers Enlisted Tesla’s Cloud to Mine Cryptocurrency

Tesla Roadster 2. Credit: Tesla Motors
Cryptojacking--cryptocurrency mining via malware, hacking, or other malicious means--has been on the rise as a potentially lucrative “business” for cyber criminals. Tesla is the latest to fall victim to such an attack. Researchers from RedLock, a cloud security company, uncovered a cryptojacking attack against some of Tesla’s cloud systems.
Tesla Systems Not Password Protected
The attackers were able to hack Tesla’s Kubernetes console, which it uses to manage its application containers, in part because there was no password protection enabled for the system. This lapse in Tesla’s security exposed access credentials for the company’s Amazon Web Services (AWS) environment. From there, the attackers gained access to an Amazon S3 bucket that contained sensitive data, such as car telemetry. Tesla seems to be in good company, because Aviva, a British multinational insurance company, and Gemalto, the world’s … [Read more...] about Tesla Cloud Servers Hacked By Cryptojackers

Credit: Imperva
An Imperva study found that cryptojacking attacks are on the rise, with 88% of remote code execution (RCE) attacks sending a request to download cryptomining clients to infected machines.
Cryptojacking Through RCE Vulnerabilities
According to Imperva, RCE vulnerabilities are usually exploited by attackers in a manner that brings them the most money. Up until now, RCE flaws were used to enroll the infected machines in DDoS botnets and then offer that botnet as a “DDoS for hire” service. However, in the past few months, attackers have been increasingly switching from building large botnets to infecting machines with cryptomining malware. They then make money from selling the generated cryptocurrency. This way, the attackers can eliminate the middlemen and see a faster return on investment. Attackers prefer to use cryptocurrencies that use mining algorithms that can be solved by CPUs, such as Monero, or GPUs, such as Ethereum. Imperva also found the … [Read more...] about Report: Cryptojacking Drives 88% Of Remote Code Execution Attacks

Special counsel Robert Mueller’s indictment against Russia’s Internet Research Agency contains a number of striking moments, from the inflammatory ads bought by the so-called “troll factory” to the rampant identity theft against US citizens. But what stands out most may be the reminder that for Russia, subverting the foundations of US democracy was just another 9 to 5. The IRA is by now a known quantity; Adrian Chen detailed operations in a deeply reported New York Times piece in 2015. At the time, Chen described rank and file workers huddled together in bland office spaces, charged with meeting trolling quotas intended to rile up Ukraine, for instance, or sow general confusion in the US. If the focus were on anything other than upsetting the geopolitical order, it would all seem pretty mundane. But while previous IRA accounts are plenty jarring in and of themselves, the Justice Department’s indictment—with its unfiltered internal communications and an … [Read more...] about For Russia, Unraveling US Democracy Was Just Another Day Job

For some time, there has been a conflation of issues—the hacking and leaking of illegally obtained information versus propaganda and disinformation; cyber-security issues and the hacking of elections systems versus information operations and information warfare; paid advertising versus coercive messaging or psychological operations—when discussing “Russian meddling” in the 2016 US elections. The refrain has become: “There is no evidence that Russian efforts changed any votes.” But the bombshell 37-page indictment issued Friday by Robert Mueller against Russia’s Internet Research Agency and its leadership and affiliates provides considerable detail on the Russian information warfare targeting the American public during the elections. And this information makes it increasingly difficult to say that the Kremlin's effort to impact the American mind did not succeed. The indictment pulls the curtain back on four big questions that have swirled around … [Read more...] about Did Russia Affect the 2016 Election? It’s Now Undeniable

Facebook has always nudged truant users back to its platform through emails and notifications. But recently, those prods have evolved beyond comments related to activity on your own profile. Now Facebook will nag you when an acquaintance comments on someone else’s photo, or when a distant family member updates their status. The spamming has even extended to those who sign up for two-factor authentication—which is a great way to turn people off to that extra layer of security. “The part of it that bugs me is that two-factor authentication is something [Facebook] should be encouraging people to use, but instead the way this is working here is that they’re driving people away from two-factor and making people less secure,” says Matt Green, a professor at the Johns Hopkins University Information Security Institute, who has done contracted security work for Facebook in the past. “It’s abusive, people’s attention is deliberately tweaked by what … [Read more...] about Facebook Notification Spam Has Crossed the Line

Sixteen months after the 2016 election, it's no longer a surprise that the Russian government stooped to lies and disinformation to push a pro-Trump, hyper-divisive agenda. But now it's clear those trolls went a step further: Actually stealing the identities of real Americans to impersonate US voices online and hide their tracks. On Friday, the US Justice Department released a 37-page indictment of 13 Russians involved in the so-called Internet Research Agency, a shady organization based in St. Petersburg and long known to be focused on social media disinformation, often targeting US domestic politics. The indictment accuses the alleged trolls of everything from buying Facebook and Twitter ads to promote their fake news agenda to arranging astroturf protests. But there's also one fresh element in those charges that goes beyond general fraud. The indictment also accuses the IRA "specialists" of outright identity theft and wire fraud, stealing American victims' sensitive details … [Read more...] about Russian Trolls Stole Real US Identities to Hide in Plain Sight

Robert Mueller’s special counsel investigation into Russia’s impact on the 2016 election entered a new phase Friday, as his team indicted 13 Russian nationals and three Russian organizations for their “conspiracy” to illegally influence the US presidential campaign. It was an indictment unprecedented in American history—a direct and public charge that America’s main foreign adversary meddled extensively, expensively, and expansively in the core of the American democratic process, attempting to influence voters, spread disparaging information about the Democratic nominee, and “help” presidential candidate Donald Trump take office. The new charges were simultaneously unveiled by Mueller and expanded upon in rare public remarks by deputy attorney general Rod Rosenstein, who oversees Mueller’s investigation. It's the first time that Mueller, who previously charged or received guilty pleas from four Trump aides, has brought criminal … [Read more...] about A Blockbuster Indictment Details Russia’s Attack on US Democracy

A district court in Belgium ruled that Facebook is indeed violating the EU’s privacy laws with its "shadow tracking" of users across the web. Unless the company changes its behavior, it will have to pay 250,000 euro ($310,000) a day in fines.
Facebook’s Difficult Time In The EU
Two years ago, Facebook emerged as the victor in a lawsuit launched by the Belgium Privacy Commission against the company for violations of EU privacy laws. The Commission accused Facebook of tracking both users and non-users of its platform across the web via the “datr” cookie. Facebook has for years said that the datr cookie wasn’t meant to track users across the web, and when it got caught twice doing it anyway, the company said it was only a bug and that it would be fixed. However, in the lawsuit at the time, Facebook argued that it has to use the datr cookie to track everyone for security purposes. Facebook argued that it could use the datr cookie to identify PCs infected by … [Read more...] about Facebook Loses Belgium Privacy Lawsuit

According to the UK and U.S. governments, the Russian military launched the NotPetya attack last June, causing billions of dollars in damage in multiple countries, in an effort to destabilize Ukraine.
NotPetya’s Devastating Attack
The NotPetya malware got its name because it was built out of a variant of another strain of malware called Petya. Initially, security experts thought it was the same Petya attack they had seen before, because the two malware strains shared much of the code. The original Petya developer eventually had to release the master key to the existing Petya malware just to prove he or his group were not behind the NotPetya attack. NotPetya was disguised as ransomware, perhaps to make everyone believe that the people behind it were just another cyber crime group trying to make money from ransomware. In reality, NotPetya’s goals were either to backdoor or destroy Ukraine’s IT infrastructure. The malware was able to infect over 2,000 Ukrainian … [Read more...] about UK, US Governments Attribute NotPetya Attack To Russian Military